Author Topic: [Reopen] BSOD of AIS Sandbox  (Read 30036 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
[Reopen] BSOD of AIS Sandbox
« on: July 05, 2010, 08:16:22 PM »
I've uninstalled CTM 175 beta by the console because I had two BSODs with the same CTM driver CTMFLT.SYS.
I suspect it could be related to avast Sandbox. It was the only change in my system in the last 2-3 days.
I was working with Firefox sandboxed.
Can you, please, test?
I do not have the memory dump (as you already know that CTM blocks it).

Error message:
A driver has overrun a stack-based buffer
CTMFLT.SYS
0x000000F7 (0x8D19BBC3 0x83A59125 0x7C5AGEDA 0X00000000)

Thanks.
« Last Edit: December 16, 2010, 03:19:33 PM by Tech »
The best things in life are free.

Dch48

  • Guest
I have to say that I'm impressed by the way you stick with testing out CTM.

To slightly misquote Rudyard Kipling,  "You're a braver man than I am, Gunga Din"   ;D

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Did you try blue screen view http://www.nirsoft.net/utils/blue_screen_view.html
and can you give us a report of your drivers,use your preferred tool or use hijack hunter:
http://www.novirusthanks.org/products/hijack-hunter/
Dreams don't die, they just fall asleep.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Did you try blue screen view http://www.nirsoft.net/utils/blue_screen_view.html.
When the Windows is handling the blue screen dump, drivers are not loaded. CTM drivers can't be loaded and the disk is protected to modifications to save the snapshots integrity. I don't have a dump to be analyzed.

and can you give us a report of your drivers,use your preferred tool or use hijack hunter:
http://www.novirusthanks.org/products/hijack-hunter/
It's not a matter of malware, but driver conflict.

I have to say that I'm impressed by the way you stick with testing out CTM.
I believe in software development.
I believe in freewares.


pk, is there anything you could help me?
The best things in life are free.

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Quote
Quote from: superhacker on Yesterday at 07:42:11 PM
and can you give us a report of your drivers,use your preferred tool or use hijack hunter:
http://www.novirusthanks.org/products/hijack-hunter/
It's not a matter of malware, but driver conflict.
I know you are malware free but i want to know what drivers you have so may i can determine the buggy driver
Dreams don't die, they just fall asleep.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
I'll take a look. Thanks.

I wish I get some kind of help here from the programmers. I'm quite suspicious it is related to avast sandbox also.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Well, now is the avast sandbox driver which is BSODing.

I've got a BSOD:
aswSnx.sys 0x00000050 (0xE507B374, 0x00000000, 0x8B911512, 0x00000000)
PAGE_FAULT_IN_NONPAGED_AREA

Can you test the beta version of the CTM?
The BSOD I've got when I was trying to upload a file (picture) in the avast forums.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Could you get in contact with Doskey (the product manager of Comodo Time Machine)?
Here is the thread it was being discussed https://forums.comodo.com/bug-reports-ctm/ctmfltsys-bsods-0x000000f7-with-175-beta-t58907.0.html;msg414025#msg414025
The best things in life are free.

Offline pk

  • Avast team
  • Super Poster
  • *
  • Posts: 2078
Tech, thanks for your feedback.
Without dump, it's very hard (and mostly impossible) to figure out what exactly went wrong - you know only type of BSOD from those four numbers.. The only way is to install CTM beta and monitor BSODs in our debugger..

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
The only way is to install CTM beta and monitor BSODs in our debugger..
Can you do that for me, please?
The error occurred in the sandbox driver when I've tried to upload a screenshot to avast forum.

Without dump, it's very hard (and mostly impossible) to figure out what exactly went wrong - you know only type of BSOD from those four numbers.
CTM prevents the dump file to be saved and its developers said it is impossible to have their drive ON while Windows is crashed and the dump is being saved.
The best things in life are free.

Offline pk

  • Avast team
  • Super Poster
  • *
  • Posts: 2078
Tech... alright, what's your OS? Win7 x86?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Tech... alright, what's your OS? Win7 x86?
Win7 Pro 32 bits
Thanks for the support.
The best things in life are free.

Offline pk

  • Avast team
  • Super Poster
  • *
  • Posts: 2078
Installed the latest CTM (build 175), but I wasn't able to start the program after reboot.. see screenshot, I'll wait for the next build.

tested on: multi-boot system, Win7 32-bit
« Last Edit: July 11, 2010, 06:47:10 PM by pk »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Will it help if you get remote access to my system?

Right now I've disabled avast sandbox to avoid BSODing.

The error you're seeing seems to be related to multi boot systems.
You need to install in all running operational system.
The console (the "critical subsystem) is only installed after all operational system has CTM.
You need to choose the proper options while installing.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Can you help me? Maybe a AIS Sandbox conflict with Comoto Time Machine
« Reply #14 on: September 01, 2010, 01:41:55 PM »
pk, did you make any specific change into the sandbox to correct this error?
Comodo said it was a problem in their side and will be corrected in the next CTM version (https://forums.comodo.com/bug-reports-ctm/ctmfltsys-bsods-0x000000f7-with-175-beta-t58907.0.html;msg427463#msg427463)
But they don't release a new version and the problems disappears with avast 5.0.668 beta.

So, did you correct this error?
The best things in life are free.